{"vulnerability": "cve-2024-2227", "sightings": [{"uuid": "7a9fe84f-0e47-49dc-b032-3bf04b9abade", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22275", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7891", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-22275: Partial File Read in VMware vCenter Server\nURL\uff1ahttps://github.com/mbadanoiu/CVE-2024-22275\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-06T18:31:23.000000Z"}, {"uuid": "e3f5086d-6d17-456c-8456-bf1c947e4e97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22274", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7890", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Server\nURL\uff1ahttps://github.com/mbadanoiu/CVE-2024-22274\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-06T18:17:25.000000Z"}, {"uuid": "ba64994e-1a96-43b2-b90c-b12388373d89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22274", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7984", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aPoC -  Authenticated Remote Code Execution in VMware vCenter Server (CVE-2024-22274 Exploit))\nURL\uff1ahttps://github.com/l0n3m4n/CVE-2024-22274-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-07-15T07:43:05.000000Z"}, {"uuid": "82ea0f4a-aa3d-4cf6-a06d-e1284de96bce", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22277", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7424", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-22277\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: VMware Cloud Director Availability contains an HTML injection vulnerability. \nA\n malicious actor with network access to VMware Cloud Director \nAvailability can craft malicious HTML tags to execute within replication\n tasks.\n\ud83d\udccf Published: 2024-07-04T13:21:17.247Z\n\ud83d\udccf Modified: 2025-03-13T16:31:39.671Z\n\ud83d\udd17 References:\n1. https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24557", "creation_timestamp": "2025-03-13T16:45:17.000000Z"}, {"uuid": "9ae5a2e9-ac4f-4c7c-8d5a-048782ddda55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22278", "type": "seen", "source": "https://t.me/cvedetector/2320", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-22278 - Harbor Unauthenticated Configuration Modification Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-22278 \nPublished : Aug. 2, 2024, 1:15 a.m. 
| 36\u00a0minutes ago \nDescription : Incorrect user permission validation in Harbor Severity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-02T03:59:10.000000Z"}, {"uuid": "7110733e-1af5-4075-b947-f8095f7ef470", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22274", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/396", "content": "Tools - Hackers Factory \n\nExploit \n\n1. CVE-2024-36991:\nSplunk Enterprise Path traversal\nhttps://github.com/bigb0x/CVE-2024-36991\n\n2. CVE-2024-22274:\nRCE in VMware vCenter Server\nhttps://github.com/mbadanoiu/CVE-2024-22274\n\n3. CVE-2024-36401:\nGeoServer Unauth RCE\nhttps://github.com/bigb0x/CVE-2024-36401\n\nGitHub - payloadbox/sql-injection-payload-list: SQL Injection Payload List\n\nhttps://github.com/payloadbox/sql-injection-payload-list\n\nGitHub - ThatNotEasy/CVE-2024-27956: Perform with massive Wordpress SQLI 2 RCE\n\nhttps://github.com/ThatNotEasy/CVE-2024-27956\n\nMemProcFS 5.10 released! Support for Windows 11 24H2 added!\n\nMemProcFS - super fast memory forensics of live memory and memory dumps!\n\nhttps://github.com/ufrisk/MemProcFS\n\nCVE-2024-37081: The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u00a0\n\nhttps://github.com/Mr-r00t11/CVE-2024-37081\n\nCVE-2024-36401: RCE for GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer.\n\nPOC for CVE-2024-36401 GeoServer. This POC will attempt to establish a reverse system shell from the targets.\n\nhttps://github.com/bigb0x/CVE-2024-36401\n\nCVE-2024-6387, targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems. 
The vulnerability allows for remote code execution as root due to async-signal-unsafe functions being called in the SIGALRM handler.\n\nPoC\nhttps://github.com/acrono/cve-2024-6387-poc\n\nCVE-2024-29849: Veeam Backup Enterprise Manager Authentication Bypass.\n\nPoC\nhttps://github.com/sinsinology/CVE-2024-29849\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-14T02:46:52.000000Z"}, {"uuid": "faaa1b17-f266-4a88-b405-5012f065688f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22274", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3405", "content": "Tools - Hackers Factory \n\nExploit \n\n1. CVE-2024-36991:\nSplunk Enterprise Path traversal\nhttps://github.com/bigb0x/CVE-2024-36991\n\n2. CVE-2024-22274:\nRCE in VMware vCenter Server\nhttps://github.com/mbadanoiu/CVE-2024-22274\n\n3. CVE-2024-36401:\nGeoServer Unauth RCE\nhttps://github.com/bigb0x/CVE-2024-36401\n\nGitHub - payloadbox/sql-injection-payload-list: SQL Injection Payload List\n\nhttps://github.com/payloadbox/sql-injection-payload-list\n\nGitHub - ThatNotEasy/CVE-2024-27956: Perform with massive Wordpress SQLI 2 RCE\n\nhttps://github.com/ThatNotEasy/CVE-2024-27956\n\nMemProcFS 5.10 released! Support for Windows 11 24H2 added!\n\nMemProcFS - super fast memory forensics of live memory and memory dumps!\n\nhttps://github.com/ufrisk/MemProcFS\n\nCVE-2024-37081: The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u00a0\n\nhttps://github.com/Mr-r00t11/CVE-2024-37081\n\nCVE-2024-36401: RCE for GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer.\n\nPOC for CVE-2024-36401 GeoServer. 
This POC will attempt to establish a reverse system shell from the targets.\n\nhttps://github.com/bigb0x/CVE-2024-36401\n\nCVE-2024-6387, targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems. The vulnerability allows for remote code execution as root due to async-signal-unsafe functions being called in the SIGALRM handler.\n\nPoC\nhttps://github.com/acrono/cve-2024-6387-poc\n\nCVE-2024-29849: Veeam Backup Enterprise Manager Authentication Bypass.\n\nPoC\nhttps://github.com/sinsinology/CVE-2024-29849\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-14T11:05:42.000000Z"}, {"uuid": "cfab5e52-4171-419b-af36-8814783c3877", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22274", "type": "seen", "source": "Telegram/InC9ykp30kkGfhiYdl0JO-8FjhrnZj9ZHpQO0myY9Q5Qr4I", "content": "", "creation_timestamp": "2024-07-19T00:41:28.000000Z"}, {"uuid": "cd6d63b9-225e-4244-b556-cc3175420354", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22274", "type": "published-proof-of-concept", "source": "https://t.me/cybersecs/2934", "content": "Authenticated RCE in VMWare vCenter https://github.com/mbadanoiu/CVE-2024-22274", "creation_timestamp": "2024-07-10T00:23:13.000000Z"}, {"uuid": "1ea7d88c-f597-49b4-87df-e4833a370ef4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22277", "type": "seen", "source": "https://t.me/thehackernews/5237", "content": "\u26a0\ufe0f GitLab has patched a critical vulnerability (CVE-2024-6385) with a CVSS score of 9.6, allowing attackers to run pipeline jobs as any user. 
\n \nAlso, Citrix updates for CVE-2024-6235, & Broadcom addresses flaws in VMware Cloud Director (CVE-2024-22277) & Aria Automation (CVE-2024-22280). \n \nLearn more: https://thehackernews.com/2024/07/gitlab-patches-critical-flaw-allowing.html \n \nDon't wait \u2013 secure your development environment now.", "creation_timestamp": "2024-07-11T05:53:00.000000Z"}, {"uuid": "5b189628-640d-4d94-8b8f-5f94ae23fc02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22274", "type": "published-proof-of-concept", "source": "https://t.me/GhostClanInt/25267", "content": "Tools - Hackers Factory \n\nExploit \n\n1. CVE-2024-36991:\nSplunk Enterprise Path traversal\nhttps://github.com/bigb0x/CVE-2024-36991\n\n2. CVE-2024-22274:\nRCE in VMware vCenter Server\nhttps://github.com/mbadanoiu/CVE-2024-22274\n\n3. CVE-2024-36401:\nGeoServer Unauth RCE\nhttps://github.com/bigb0x/CVE-2024-36401\n\nGitHub - payloadbox/sql-injection-payload-list: SQL Injection Payload List\n\nhttps://github.com/payloadbox/sql-injection-payload-list\n\nGitHub - ThatNotEasy/CVE-2024-27956: Perform with massive Wordpress SQLI 2 RCE\n\nhttps://github.com/ThatNotEasy/CVE-2024-27956\n\nMemProcFS 5.10 released! Support for Windows 11 24H2 added!\n\nMemProcFS - super fast memory forensics of live memory and memory dumps!\n\nhttps://github.com/ufrisk/MemProcFS\n\nCVE-2024-37081: The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u00a0\n\nhttps://github.com/Mr-r00t11/CVE-2024-37081\n\nCVE-2024-36401: RCE for GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer.\n\nPOC for CVE-2024-36401 GeoServer. This POC will attempt to establish a reverse system shell from the targets.\n\nhttps://github.com/bigb0x/CVE-2024-36401\n\nCVE-2024-6387, targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems. 
The vulnerability allows for remote code execution as root due to async-signal-unsafe functions being called in the SIGALRM handler.\n\nPoC\nhttps://github.com/acrono/cve-2024-6387-poc\n\nCVE-2024-29849: Veeam Backup Enterprise Manager Authentication Bypass.\n\nPoC\nhttps://github.com/sinsinology/CVE-2024-29849\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-14T11:05:50.000000Z"}, {"uuid": "aa3921ed-a592-4807-9986-983f2b852025", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22274", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2792", "content": "https://github.com/l0n3m4n/CVE-2024-22274-RCE\n\nPrivilege Escalation: VMware vCenter Server Authenticated RCE\n#github #exploit #poc", "creation_timestamp": "2024-07-15T17:53:12.000000Z"}, {"uuid": "2c6b27e4-ec3b-4b43-b3d8-d4935c62bf01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22274", "type": "seen", "source": "https://t.me/zer0day1ab/31", "content": "CVE-2024-37081: VMware vCenter Server Multiple LPE\n\nCVE-2024-22274: VMware vCenter Server RCE\n\n#exploit #pentest #redteam", "creation_timestamp": "2024-07-07T20:50:43.000000Z"}, {"uuid": "3511bfc1-c546-474c-be25-c61a79fbb3ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22274", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1508", "content": "\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\n\nCVE-2024-37081: VMware vCenter Server Multiple LPE\n\nCVE-2024-22274: VMware vCenter Server RCE\n\n#exploit #pentest #redteam", "creation_timestamp": "2024-07-07T00:00:38.000000Z"}, {"uuid": 
"ebfbb5e3-7c7d-405f-8c9e-b693c8eb3290", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22274", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/5332", "content": "\u200aVMware vCenter Server RCE (CVE-2024-22274): PoC Exposes Systems to Remote Takeover\n\nhttps://securityonline.info/vmware-vcenter-server-rce-cve-2024-22274-poc-exposes-systems-to-remote-takeover/", "creation_timestamp": "2024-07-09T10:08:52.000000Z"}, {"uuid": "47939f17-3d2f-48dc-9b59-da67f70a4771", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22271", "type": "seen", "source": "https://t.me/cvedetector/349", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-22271 - In Spring Cloud Function framework, versions 4.1.x\", \n  \"Content\": \"CVE ID : CVE-2024-22271 \nPublished : July 9, 2024, 1:15 p.m. | 16\u00a0minutes ago \nDescription : In Spring Cloud Function framework, versions 4.1.x prior to 4.1.2, 4.0.x prior to 4.0.8 an application is vulnerable to a DOS attack when attempting to compose functions with non-existing functions.  \n  \nSpecifically, an application is vulnerable when all of the following are true:  \n  \nUser is using Spring Cloud Function Web module  \n  \nAffected Spring Products and Versions Spring Cloud Function Framework 4.1.0 to 4.1.2 4.0.0 to 4.0.8  \n  \nReferences   \u00a0  \u00a0History 2020-01-16: Initial vulnerability report published. 
\nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T15:36:55.000000Z"}, {"uuid": "608e2c35-e6cf-4fcc-841c-cfeb06ef2c88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22277", "type": "seen", "source": "https://t.me/cvedetector/56", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-22277 - VMware Cloud Director Availability contains an HTM\", \n  \"Content\": \"CVE ID : CVE-2024-22277 \nPublished : July 4, 2024, 2:15 p.m. | 32\u00a0minutes ago \nDescription : VMware Cloud Director Availability contains an HTML injection vulnerability.  \nA \n malicious actor with network access to VMware Cloud Director  \nAvailability can craft malicious HTML tags to execute within replication \n tasks. 
\nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-04T16:50:46.000000Z"}, {"uuid": "2c7833fb-de64-40da-a716-9b3a813ff345", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22270", "type": "seen", "source": "Telegram/Cj91e4B3iZcLGGr-UVJYOcr-TGYmDTp8zo8LHHY5pfrKVIU", "content": "", "creation_timestamp": "2024-06-09T17:52:33.000000Z"}, {"uuid": "8ccf63e6-1639-41f4-974f-6f8dd7da434b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22274", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/6380", "content": "Exploiting CVE-2024\u201322274: A Deep Dive into VMware vCenter Server Vulnerabilities and Defense\u2026: https://systemweakness.com/exploiting-cve-2024-22274-a-deep-dive-into-vmware-vcenter-server-vulnerabilities-and-defense-5d79b44ed215?source=rss------bug_bounty-5", "creation_timestamp": "2024-07-18T04:18:36.000000Z"}, {"uuid": "df7ae04d-e95b-4c6d-b016-81d0eb088d07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22273", "type": "seen", "source": "Telegram/PuQwCHlCIT2RGR7Hpb0MZmwOeJH932D1mkObQoUF0cPLHwXH", "content": "", "creation_timestamp": "2025-03-02T11:46:30.000000Z"}, {"uuid": "76d8dd49-e06e-4380-ae03-a0aff08cd29c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22274", "type": "published-proof-of-concept", "source": "Telegram/Kjaky2iO7ZsRL5h4THsimvHn2xzyf9mFpFGwKs3Ggbvkhtc", "content": "", "creation_timestamp": 
"2024-08-09T09:36:15.000000Z"}, {"uuid": "cf294bf2-8a53-4bff-a5d7-40bd1ca89dd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22275", "type": "published-proof-of-concept", "source": "Telegram/Kjaky2iO7ZsRL5h4THsimvHn2xzyf9mFpFGwKs3Ggbvkhtc", "content": "", "creation_timestamp": "2024-08-09T09:36:15.000000Z"}, {"uuid": "b54feef3-d71f-4883-87ce-dea6a18d9b6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22274", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8212", "content": "Tools - Hackers Factory \n\nExploit \n\n1. CVE-2024-36991:\nSplunk Enterprise Path traversal\nhttps://github.com/bigb0x/CVE-2024-36991\n\n2. CVE-2024-22274:\nRCE in VMware vCenter Server\nhttps://github.com/mbadanoiu/CVE-2024-22274\n\n3. CVE-2024-36401:\nGeoServer Unauth RCE\nhttps://github.com/bigb0x/CVE-2024-36401\n\nGitHub - payloadbox/sql-injection-payload-list: SQL Injection Payload List\n\nhttps://github.com/payloadbox/sql-injection-payload-list\n\nGitHub - ThatNotEasy/CVE-2024-27956: Perform with massive Wordpress SQLI 2 RCE\n\nhttps://github.com/ThatNotEasy/CVE-2024-27956\n\nMemProcFS 5.10 released! Support for Windows 11 24H2 added!\n\nMemProcFS - super fast memory forensics of live memory and memory dumps!\n\nhttps://github.com/ufrisk/MemProcFS\n\nCVE-2024-37081: The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u00a0\n\nhttps://github.com/Mr-r00t11/CVE-2024-37081\n\nCVE-2024-36401: RCE for GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer.\n\nPOC for CVE-2024-36401 GeoServer. 
This POC will attempt to establish a reverse system shell from the targets.\n\nhttps://github.com/bigb0x/CVE-2024-36401\n\nCVE-2024-6387, targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems. The vulnerability allows for remote code execution as root due to async-signal-unsafe functions being called in the SIGALRM handler.\n\nPoC\nhttps://github.com/acrono/cve-2024-6387-poc\n\nCVE-2024-29849: Veeam Backup Enterprise Manager Authentication Bypass.\n\nPoC\nhttps://github.com/sinsinology/CVE-2024-29849\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-14T04:09:19.000000Z"}, {"uuid": "b18a398e-b5b3-4d6f-adb3-4d699240fb79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22275", "type": "seen", "source": "https://t.me/CyberSecurity026/4856", "content": "\u26a0\ufe0f  \u062a\u062d\u0630\u064a\u0631 \u0623\u0645\u0646\u064a\n\n \u0627\u0644\u062b\u063a\u0631\u0629 :\n\u0640CVE-2024-22273\n\u0640CVE-2024-22274\n\u0640CVE-2024-22275\n\n \u0627\u0644\u0645\u0646\u062a\u062c \u0627\u0644\u0645\u0633\u062a\u0647\u062f\u0641 : \nVMware ESXi, Workstation, Fusion, vCenter Server \n\n \u0645\u062f\u0649 \u0627\u0644\u062e\u0637\u0648\u0631\u0629 :\n \u0639\u0627\u0644\u064d\n\n \u0627\u0644\u062a\u0647\u062f\u064a\u062f : \n\u062a\u0633\u0645\u062d \u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0644\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0639\u0644\u0649 \u0627\u0644\u0645\u0633\u062a\u0648\u0649 \u0627\u0644\u0645\u062d\u0644\u064a (Local access)  \u0628\u062a\u0646\u0641\u064a\u0630 \u062a\u0639\u0644\u064a\u0645\u0627\u062a \u062e\u0628\u064a\u062b\u0629 \u0639\u0644\u0649 \u0627\u0644\u0646\u0638\u0627\u0645 \u0627\u0644\u0645\u0633\u062a\u0647\u062f\u0641 \u0648\u0643\u0630\u0644\u0643 \u0647\u062c\u0645\u0627\u062a \u062d\u062c\u0628 \u0627\u0644\u062e\u062f\u0645\u0629 DoS 
\u0648\u0627\u0644\u0627\u0637\u0644\u0627\u0639 \u0639\u0644\u0649 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u062e\u0627\u0635\u0629 \u0648\u0627\u0644\u062d\u0633\u0627\u0633\u0629.\n\n \u0627\u0644\u0645\u0639\u0627\u0644\u062c\u0629 : \n\u062a\u062d\u062f\u064a\u062b \u0627\u0644\u0645\u0646\u062a\u062c \u0645\u0646 \u0645\u0632\u0648\u062f \u0627\u0644\u062e\u062f\u0645\u0629.\n\n \u0627\u0644\u0625\u0635\u062f\u0627\u0631\u0627\u062a \u0627\u0644\u0645\u0639\u0631\u0636\u0629 \u0644\u0644\u0636\u0631\u0631 :\nVMware ESXi: 7.0, 8.0\nVMware Workstation: 17.x\nVMware vCenter Server: 7.0, 8.0\nVMware Fusion: 13.x", "creation_timestamp": "2024-05-30T09:14:27.000000Z"}, {"uuid": "2136ec40-6f0c-4d5e-a4f7-dcb9bba16367", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22273", "type": "seen", "source": "https://t.me/CyberSecurity026/4856", "content": "\u26a0\ufe0f  \u062a\u062d\u0630\u064a\u0631 \u0623\u0645\u0646\u064a\n\n \u0627\u0644\u062b\u063a\u0631\u0629 :\n\u0640CVE-2024-22273\n\u0640CVE-2024-22274\n\u0640CVE-2024-22275\n\n \u0627\u0644\u0645\u0646\u062a\u062c \u0627\u0644\u0645\u0633\u062a\u0647\u062f\u0641 : \nVMware ESXi, Workstation, Fusion, vCenter Server \n\n \u0645\u062f\u0649 \u0627\u0644\u062e\u0637\u0648\u0631\u0629 :\n \u0639\u0627\u0644\u064d\n\n \u0627\u0644\u062a\u0647\u062f\u064a\u062f : \n\u062a\u0633\u0645\u062d \u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0644\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0639\u0644\u0649 \u0627\u0644\u0645\u0633\u062a\u0648\u0649 \u0627\u0644\u0645\u062d\u0644\u064a (Local access)  \u0628\u062a\u0646\u0641\u064a\u0630 \u062a\u0639\u0644\u064a\u0645\u0627\u062a \u062e\u0628\u064a\u062b\u0629 \u0639\u0644\u0649 \u0627\u0644\u0646\u0638\u0627\u0645 \u0627\u0644\u0645\u0633\u062a\u0647\u062f\u0641 \u0648\u0643\u0630\u0644\u0643 \u0647\u062c\u0645\u0627\u062a 
\u062d\u062c\u0628 \u0627\u0644\u062e\u062f\u0645\u0629 DoS \u0648\u0627\u0644\u0627\u0637\u0644\u0627\u0639 \u0639\u0644\u0649 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u062e\u0627\u0635\u0629 \u0648\u0627\u0644\u062d\u0633\u0627\u0633\u0629.\n\n \u0627\u0644\u0645\u0639\u0627\u0644\u062c\u0629 : \n\u062a\u062d\u062f\u064a\u062b \u0627\u0644\u0645\u0646\u062a\u062c \u0645\u0646 \u0645\u0632\u0648\u062f \u0627\u0644\u062e\u062f\u0645\u0629.\n\n \u0627\u0644\u0625\u0635\u062f\u0627\u0631\u0627\u062a \u0627\u0644\u0645\u0639\u0631\u0636\u0629 \u0644\u0644\u0636\u0631\u0631 :\nVMware ESXi: 7.0, 8.0\nVMware Workstation: 17.x\nVMware vCenter Server: 7.0, 8.0\nVMware Fusion: 13.x", "creation_timestamp": "2024-05-30T09:14:27.000000Z"}, {"uuid": "83eb144a-214e-4ff5-9a0c-f23d48766328", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22274", "type": "seen", "source": "https://t.me/CyberSecurity026/4856", "content": "\u26a0\ufe0f  \u062a\u062d\u0630\u064a\u0631 \u0623\u0645\u0646\u064a\n\n \u0627\u0644\u062b\u063a\u0631\u0629 :\n\u0640CVE-2024-22273\n\u0640CVE-2024-22274\n\u0640CVE-2024-22275\n\n \u0627\u0644\u0645\u0646\u062a\u062c \u0627\u0644\u0645\u0633\u062a\u0647\u062f\u0641 : \nVMware ESXi, Workstation, Fusion, vCenter Server \n\n \u0645\u062f\u0649 \u0627\u0644\u062e\u0637\u0648\u0631\u0629 :\n \u0639\u0627\u0644\u064d\n\n \u0627\u0644\u062a\u0647\u062f\u064a\u062f : \n\u062a\u0633\u0645\u062d \u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0644\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0639\u0644\u0649 \u0627\u0644\u0645\u0633\u062a\u0648\u0649 \u0627\u0644\u0645\u062d\u0644\u064a (Local access)  \u0628\u062a\u0646\u0641\u064a\u0630 \u062a\u0639\u0644\u064a\u0645\u0627\u062a \u062e\u0628\u064a\u062b\u0629 \u0639\u0644\u0649 \u0627\u0644\u0646\u0638\u0627\u0645 \u0627\u0644\u0645\u0633\u062a\u0647\u062f\u0641 
\u0648\u0643\u0630\u0644\u0643 \u0647\u062c\u0645\u0627\u062a \u062d\u062c\u0628 \u0627\u0644\u062e\u062f\u0645\u0629 DoS \u0648\u0627\u0644\u0627\u0637\u0644\u0627\u0639 \u0639\u0644\u0649 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u062e\u0627\u0635\u0629 \u0648\u0627\u0644\u062d\u0633\u0627\u0633\u0629.\n\n \u0627\u0644\u0645\u0639\u0627\u0644\u062c\u0629 : \n\u062a\u062d\u062f\u064a\u062b \u0627\u0644\u0645\u0646\u062a\u062c \u0645\u0646 \u0645\u0632\u0648\u062f \u0627\u0644\u062e\u062f\u0645\u0629.\n\n \u0627\u0644\u0625\u0635\u062f\u0627\u0631\u0627\u062a \u0627\u0644\u0645\u0639\u0631\u0636\u0629 \u0644\u0644\u0636\u0631\u0631 :\nVMware ESXi: 7.0, 8.0\nVMware Workstation: 17.x\nVMware vCenter Server: 7.0, 8.0\nVMware Fusion: 13.x", "creation_timestamp": "2024-05-30T09:14:27.000000Z"}, {"uuid": "345186f3-52ce-40ac-8d7e-c639b8eb33e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22274", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6918", "content": "Tools - Hackers Factory \n\nExploit \n\n1. CVE-2024-36991:\nSplunk Enterprise Path traversal\nhttps://github.com/bigb0x/CVE-2024-36991\n\n2. CVE-2024-22274:\nRCE in VMware vCenter Server\nhttps://github.com/mbadanoiu/CVE-2024-22274\n\n3. CVE-2024-36401:\nGeoServer Unauth RCE\nhttps://github.com/bigb0x/CVE-2024-36401\n\nGitHub - payloadbox/sql-injection-payload-list: SQL Injection Payload List\n\nhttps://github.com/payloadbox/sql-injection-payload-list\n\nGitHub - ThatNotEasy/CVE-2024-27956: Perform with massive Wordpress SQLI 2 RCE\n\nhttps://github.com/ThatNotEasy/CVE-2024-27956\n\nMemProcFS 5.10 released! 
Support for Windows 11 24H2 added!\n\nMemProcFS - super fast memory forensics of live memory and memory dumps!\n\nhttps://github.com/ufrisk/MemProcFS\n\nCVE-2024-37081: The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u00a0\n\nhttps://github.com/Mr-r00t11/CVE-2024-37081\n\nCVE-2024-36401: RCE for GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer.\n\nPOC for CVE-2024-36401 GeoServer. This POC will attempt to establish a reverse system shell from the targets.\n\nhttps://github.com/bigb0x/CVE-2024-36401\n\nCVE-2024-6387, targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems. The vulnerability allows for remote code execution as root due to async-signal-unsafe functions being called in the SIGALRM handler.\n\nPoC\nhttps://github.com/acrono/cve-2024-6387-poc\n\nCVE-2024-29849: Veeam Backup Enterprise Manager Authentication Bypass.\n\nPoC\nhttps://github.com/sinsinology/CVE-2024-29849\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-14T04:09:19.000000Z"}, {"uuid": "bc313fd2-ed25-4b63-90c7-cc5dd8e64904", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22274", "type": "published-proof-of-concept", "source": "Telegram/zue4vN4mWYH0v_TFmxdq05ukpnYF3fW2akZIlYAzL7ksKL4", "content": "", "creation_timestamp": "2024-08-07T00:41:34.000000Z"}, {"uuid": "d7bc6e2e-1919-4899-b533-3f5bedf0cad4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22274", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1507", "content": "", "creation_timestamp": "2024-07-07T00:00:50.000000Z"}, {"uuid": "2eb70a54-70bf-4131-9fff-a8b18edd4445", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22274", "type": "published-proof-of-concept", "source": "https://t.me/theninjaway1337/1655", "content": "CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Server\n\nhttps://github.com/mbadanoiu/CVE-2024-22274\n\n#cve #poc", "creation_timestamp": "2024-07-07T14:02:23.000000Z"}, {"uuid": "2bdfd414-e341-4615-86d0-e3c4a3d27ff1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22274", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10795", "content": "#exploit\n1. CVE-2024-36991:\nSplunk Enterprise Path traversal\nhttps://github.com/bigb0x/CVE-2024-36991\n\n2. CVE-2024-22274:\nRCE in VMware vCenter Server\nhttps://github.com/mbadanoiu/CVE-2024-22274\n\n3. CVE-2024-36401:\nGeoServer Unauth RCE\nhttps://github.com/bigb0x/CVE-2024-36401", "creation_timestamp": "2024-07-08T03:16:55.000000Z"}]}